A potentially dangerous Request.Form value was detected from the client

If you are receiving the A potentially dangerous Request.Form value was detected from the client error while a PostBack occurs (submitting a form, for instance) it is most likely because in the PostBack content, there are HTML or HTML-like tags. This is ASP.NET's defense mechanism that prevents the users of a website to try and inject code into forms, as a way to hack into the websites.

To fix this, you can set the validateRequest attribute to false, either for the entire ASP.NET web application, or just for one page. To disable validateRequest for a single page, go to that page's Page attribute (located at the top of the markup), and set validateRequest to false, as you can see at the end of the example below:

If you prefer to set this value for all the pages in your ASP.NET web application, open (or create) the web.config file and add the <pages validateRequest="false" /> tag inside the system.web tag, as shown in the example below:

that\'s nice ... and i think most of us know that .. but i want a way to go around ValidateRequest from my page ... from the html page .. not from the asp page ..

by Sam on Thursday, July 5th 2007 at 03:59 AM

This is not a security way. Plz gve some useful ideas...THKS...........

by nitin on Tuesday, August 14th 2007 at 06:44 AM

thanks, this is what i was searching for long time.

by john on Thursday, September 6th 2007 at 04:11 PM

You're kidding, right? What a terrible answer. Use a regex validator to validate the textbox against a regular expression of available values - for instance, a description textbox - slap a regex in the validator and it'll check on postback.